const config = require('../config') // 引入配置文件
const SECRET_KEY = config.jwtSecret // 从配置文件中获取密钥

const jwt = require('jsonwebtoken')

const generateToken = (payload, expiresIn = '1h') => {
  return jwt.sign(payload, SECRET_KEY, { expiresIn })
}

const verifyToken = (token) => {
  try {
    const decoded = jwt.verify(token, SECRET_KEY, { algorithms: ['HS256'] })
    return { valid: true, decoded }
  } catch (error) {
    console.error('Token verification failed:', error)
    return { valid: false, error: error.message }
  }
}

module.exports = { generateToken, verifyToken }